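<HTML>
<TITLE>encodeURI Sanitation</TITLE>
Hi
<SCRIPT>
// Fixture data flow: document.URL (untrusted source) -> encodeURI (sanitizer)
// -> document.write (HTML sink).

// indexOf returns -1 when the URL has no "name=" marker. Without the check
// below, pos would be 4 and an unrelated slice of the URL would be written.
var nameAt = document.URL.indexOf("name=");
var pos = nameAt + 5;

// Everything after "name=" is controlled by whoever built the link,
// including any further parameters and the fragment.
var txt = nameAt === -1 ? "" : document.URL.substring(pos, document.URL.length); // bad thing

// encodeURI percent-encodes < > " and spaces, so the value cannot open a tag
// when it is written as HTML text. It leaves ' & ( ) ; = and other URI
// characters unchanged, so it is a URL encoder and not a general HTML,
// attribute or script encoder.
// Declared with var: the original assignment created an implicit global.
var encodedTxt = encodeURI(txt); // sanitizer

// Safe only because the output lands in an HTML text context. The same value
// inside a single-quoted attribute or an inline script would need
// context-specific encoding. Where the page is not a fixture, assigning the raw
// text to textContent avoids the HTML parser altogether.
document.write(encodedTxt); // safe use
</SCRIPT>
<BR>
Welcome to our system
</HTML>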